0 votes

I'd like to allow users to remove themselves from groups that they are already members of. Currently I have a business rule in place thats only allowing the OU Owners to remove users from the groups within their OU but I'd like to extend this to allow the users themselves to remove themselves from groups too.

image.png

Is there a condition I could add to this business rule that would accomplish this? Something like -

'If inititating user is a member of the adm-groupname' then allow then to remove themselves.

by (480 points)

1 Answer

0 votes
by (3.6k points)

Hello,

To allow users to remove themselves from groups, you need to add the If the initiator is not %member% condition to your Business Rule and join it with the existing condition using the AND operator. The Business Rule itself should look like this: image.pngWhen the Business Rule triggers, the %member% value reference will resolve into the DN of the user who is being removed from the group.

Also, users need to have the rights to modify the Member property of group objects to be able to remove themselves from groups.

Related questions

0 votes
1 answer

If I have 2 Active Directory Security groups in my domain - Group A Group B Is it possible to create a report that shows only users who have membership in both groups? For ... Jane Doe is in Group A AND Group B she would be included in the resulting report.

asked May 11, 2020 by sirslimjim (480 points)
0 votes
1 answer

We have a potentially complicated sitaution and so far I have no found a solution. Any suggestions will be greatly appreciated. We have specific security groups that ... or see any user details other than the memberships for these specific security groups.

asked Jan 2, 2023 by WannabeGuru (20 points)
0 votes
1 answer

I would like users to use Adaxes to add themselves or others to a group, but instead of it just working, it has to go thru an approval process and be approved by the group owner before they are added. Thanks!

asked Jun 30, 2021 by RayBilyk (240 points)
0 votes
0 answers

I'd like to implement an architecture whereby all Domain Users can request membership in any domain security group. I'd also like to allow the OU Owners to have ... from their groups without granting them the ability to remove users from all security groups?

asked Mar 25, 2020 by sirslimjim (480 points)
0 votes
1 answer

Hi All, I was following the following documentation https://www.adaxes.com/tutorials_DelegatingPermissions_GrantRightsToModifyADGroupMembership.htm However I cannot work out how to make it ... can only add themselves. Any help would be great. Many Thanks

asked Mar 30, 2020 by antondubek (440 points)
3,541 questions
3,232 answers
8,225 comments
547,802 users